linux/net/bluetooth/sco.c
<<
>>
Prefs
   1/*
   2   BlueZ - Bluetooth protocol stack for Linux
   3   Copyright (C) 2000-2001 Qualcomm Incorporated
   4
   5   Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
   6
   7   This program is free software; you can redistribute it and/or modify
   8   it under the terms of the GNU General Public License version 2 as
   9   published by the Free Software Foundation;
  10
  11   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
  12   OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  13   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
  14   IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
  15   CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
  16   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  17   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  18   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  19
  20   ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
  21   COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
  22   SOFTWARE IS DISCLAIMED.
  23*/
  24
  25/* Bluetooth SCO sockets. */
  26
  27#include <linux/module.h>
  28
  29#include <linux/types.h>
  30#include <linux/errno.h>
  31#include <linux/kernel.h>
  32#include <linux/sched.h>
  33#include <linux/slab.h>
  34#include <linux/poll.h>
  35#include <linux/fcntl.h>
  36#include <linux/init.h>
  37#include <linux/interrupt.h>
  38#include <linux/socket.h>
  39#include <linux/skbuff.h>
  40#include <linux/device.h>
  41#include <linux/list.h>
  42#include <net/sock.h>
  43
  44#include <asm/system.h>
  45#include <asm/uaccess.h>
  46
  47#include <net/bluetooth/bluetooth.h>
  48#include <net/bluetooth/hci_core.h>
  49#include <net/bluetooth/sco.h>
  50
  51#define VERSION "0.6"
  52
  53static int disable_esco = 0;
  54
  55static const struct proto_ops sco_sock_ops;
  56
  57static struct bt_sock_list sco_sk_list = {
  58        .lock = __RW_LOCK_UNLOCKED(sco_sk_list.lock)
  59};
  60
  61static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent);
  62static void sco_chan_del(struct sock *sk, int err);
  63
  64static int  sco_conn_del(struct hci_conn *conn, int err);
  65
  66static void sco_sock_close(struct sock *sk);
  67static void sco_sock_kill(struct sock *sk);
  68
  69/* ---- SCO timers ---- */
  70static void sco_sock_timeout(unsigned long arg)
  71{
  72        struct sock *sk = (struct sock *) arg;
  73
  74        BT_DBG("sock %p state %d", sk, sk->sk_state);
  75
  76        bh_lock_sock(sk);
  77        sk->sk_err = ETIMEDOUT;
  78        sk->sk_state_change(sk);
  79        bh_unlock_sock(sk);
  80
  81        sco_sock_kill(sk);
  82        sock_put(sk);
  83}
  84
  85static void sco_sock_set_timer(struct sock *sk, long timeout)
  86{
  87        BT_DBG("sock %p state %d timeout %ld", sk, sk->sk_state, timeout);
  88        sk_reset_timer(sk, &sk->sk_timer, jiffies + timeout);
  89}
  90
  91static void sco_sock_clear_timer(struct sock *sk)
  92{
  93        BT_DBG("sock %p state %d", sk, sk->sk_state);
  94        sk_stop_timer(sk, &sk->sk_timer);
  95}
  96
  97/* ---- SCO connections ---- */
  98static struct sco_conn *sco_conn_add(struct hci_conn *hcon, __u8 status)
  99{
 100        struct hci_dev *hdev = hcon->hdev;
 101        struct sco_conn *conn = hcon->sco_data;
 102
 103        if (conn || status)
 104                return conn;
 105
 106        conn = kzalloc(sizeof(struct sco_conn), GFP_ATOMIC);
 107        if (!conn)
 108                return NULL;
 109
 110        spin_lock_init(&conn->lock);
 111
 112        hcon->sco_data = conn;
 113        conn->hcon = hcon;
 114
 115        conn->src = &hdev->bdaddr;
 116        conn->dst = &hcon->dst;
 117
 118        if (hdev->sco_mtu > 0)
 119                conn->mtu = hdev->sco_mtu;
 120        else
 121                conn->mtu = 60;
 122
 123        BT_DBG("hcon %p conn %p", hcon, conn);
 124
 125        return conn;
 126}
 127
 128static inline struct sock *sco_chan_get(struct sco_conn *conn)
 129{
 130        struct sock *sk = NULL;
 131        sco_conn_lock(conn);
 132        sk = conn->sk;
 133        sco_conn_unlock(conn);
 134        return sk;
 135}
 136
 137static int sco_conn_del(struct hci_conn *hcon, int err)
 138{
 139        struct sco_conn *conn;
 140        struct sock *sk;
 141
 142        if (!(conn = hcon->sco_data))
 143                return 0;
 144
 145        BT_DBG("hcon %p conn %p, err %d", hcon, conn, err);
 146
 147        /* Kill socket */
 148        if ((sk = sco_chan_get(conn))) {
 149                bh_lock_sock(sk);
 150                sco_sock_clear_timer(sk);
 151                sco_chan_del(sk, err);
 152                bh_unlock_sock(sk);
 153                sco_sock_kill(sk);
 154        }
 155
 156        hcon->sco_data = NULL;
 157        kfree(conn);
 158        return 0;
 159}
 160
 161static inline int sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent)
 162{
 163        int err = 0;
 164
 165        sco_conn_lock(conn);
 166        if (conn->sk) {
 167                err = -EBUSY;
 168        } else {
 169                __sco_chan_add(conn, sk, parent);
 170        }
 171        sco_conn_unlock(conn);
 172        return err;
 173}
 174
 175static int sco_connect(struct sock *sk)
 176{
 177        bdaddr_t *src = &bt_sk(sk)->src;
 178        bdaddr_t *dst = &bt_sk(sk)->dst;
 179        struct sco_conn *conn;
 180        struct hci_conn *hcon;
 181        struct hci_dev  *hdev;
 182        int err, type;
 183
 184        BT_DBG("%s -> %s", batostr(src), batostr(dst));
 185
 186        if (!(hdev = hci_get_route(dst, src)))
 187                return -EHOSTUNREACH;
 188
 189        hci_dev_lock_bh(hdev);
 190
 191        err = -ENOMEM;
 192
 193        if (lmp_esco_capable(hdev) && !disable_esco)
 194                type = ESCO_LINK;
 195        else
 196                type = SCO_LINK;
 197
 198        hcon = hci_connect(hdev, type, dst, BT_SECURITY_LOW, HCI_AT_NO_BONDING);
 199        if (!hcon)
 200                goto done;
 201
 202        conn = sco_conn_add(hcon, 0);
 203        if (!conn) {
 204                hci_conn_put(hcon);
 205                goto done;
 206        }
 207
 208        /* Update source addr of the socket */
 209        bacpy(src, conn->src);
 210
 211        err = sco_chan_add(conn, sk, NULL);
 212        if (err)
 213                goto done;
 214
 215        if (hcon->state == BT_CONNECTED) {
 216                sco_sock_clear_timer(sk);
 217                sk->sk_state = BT_CONNECTED;
 218        } else {
 219                sk->sk_state = BT_CONNECT;
 220                sco_sock_set_timer(sk, sk->sk_sndtimeo);
 221        }
 222
 223done:
 224        hci_dev_unlock_bh(hdev);
 225        hci_dev_put(hdev);
 226        return err;
 227}
 228
 229static inline int sco_send_frame(struct sock *sk, struct msghdr *msg, int len)
 230{
 231        struct sco_conn *conn = sco_pi(sk)->conn;
 232        struct sk_buff *skb;
 233        int err, count;
 234
 235        /* Check outgoing MTU */
 236        if (len > conn->mtu)
 237                return -EINVAL;
 238
 239        BT_DBG("sk %p len %d", sk, len);
 240
 241        count = min_t(unsigned int, conn->mtu, len);
 242        if (!(skb = bt_skb_send_alloc(sk, count, msg->msg_flags & MSG_DONTWAIT, &err)))
 243                return err;
 244
 245        if (memcpy_fromiovec(skb_put(skb, count), msg->msg_iov, count)) {
 246                err = -EFAULT;
 247                goto fail;
 248        }
 249
 250        if ((err = hci_send_sco(conn->hcon, skb)) < 0)
 251                return err;
 252
 253        return count;
 254
 255fail:
 256        kfree_skb(skb);
 257        return err;
 258}
 259
 260static inline void sco_recv_frame(struct sco_conn *conn, struct sk_buff *skb)
 261{
 262        struct sock *sk = sco_chan_get(conn);
 263
 264        if (!sk)
 265                goto drop;
 266
 267        BT_DBG("sk %p len %d", sk, skb->len);
 268
 269        if (sk->sk_state != BT_CONNECTED)
 270                goto drop;
 271
 272        if (!sock_queue_rcv_skb(sk, skb))
 273                return;
 274
 275drop:
 276        kfree_skb(skb);
 277        return;
 278}
 279
 280/* -------- Socket interface ---------- */
 281static struct sock *__sco_get_sock_by_addr(bdaddr_t *ba)
 282{
 283        struct sock *sk;
 284        struct hlist_node *node;
 285
 286        sk_for_each(sk, node, &sco_sk_list.head)
 287                if (!bacmp(&bt_sk(sk)->src, ba))
 288                        goto found;
 289        sk = NULL;
 290found:
 291        return sk;
 292}
 293
 294/* Find socket listening on source bdaddr.
 295 * Returns closest match.
 296 */
 297static struct sock *sco_get_sock_listen(bdaddr_t *src)
 298{
 299        struct sock *sk = NULL, *sk1 = NULL;
 300        struct hlist_node *node;
 301
 302        read_lock(&sco_sk_list.lock);
 303
 304        sk_for_each(sk, node, &sco_sk_list.head) {
 305                if (sk->sk_state != BT_LISTEN)
 306                        continue;
 307
 308                /* Exact match. */
 309                if (!bacmp(&bt_sk(sk)->src, src))
 310                        break;
 311
 312                /* Closest match */
 313                if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
 314                        sk1 = sk;
 315        }
 316
 317        read_unlock(&sco_sk_list.lock);
 318
 319        return node ? sk : sk1;
 320}
 321
 322static void sco_sock_destruct(struct sock *sk)
 323{
 324        BT_DBG("sk %p", sk);
 325
 326        skb_queue_purge(&sk->sk_receive_queue);
 327        skb_queue_purge(&sk->sk_write_queue);
 328}
 329
 330static void sco_sock_cleanup_listen(struct sock *parent)
 331{
 332        struct sock *sk;
 333
 334        BT_DBG("parent %p", parent);
 335
 336        /* Close not yet accepted channels */
 337        while ((sk = bt_accept_dequeue(parent, NULL))) {
 338                sco_sock_close(sk);
 339                sco_sock_kill(sk);
 340        }
 341
 342        parent->sk_state  = BT_CLOSED;
 343        sock_set_flag(parent, SOCK_ZAPPED);
 344}
 345
 346/* Kill socket (only if zapped and orphan)
 347 * Must be called on unlocked socket.
 348 */
 349static void sco_sock_kill(struct sock *sk)
 350{
 351        if (!sock_flag(sk, SOCK_ZAPPED) || sk->sk_socket)
 352                return;
 353
 354        BT_DBG("sk %p state %d", sk, sk->sk_state);
 355
 356        /* Kill poor orphan */
 357        bt_sock_unlink(&sco_sk_list, sk);
 358        sock_set_flag(sk, SOCK_DEAD);
 359        sock_put(sk);
 360}
 361
 362/* Close socket.
 363 * Must be called on unlocked socket.
 364 */
 365static void sco_sock_close(struct sock *sk)
 366{
 367        struct sco_conn *conn;
 368
 369        sco_sock_clear_timer(sk);
 370
 371        lock_sock(sk);
 372
 373        conn = sco_pi(sk)->conn;
 374
 375        BT_DBG("sk %p state %d conn %p socket %p", sk, sk->sk_state, conn, sk->sk_socket);
 376
 377        switch (sk->sk_state) {
 378        case BT_LISTEN:
 379                sco_sock_cleanup_listen(sk);
 380                break;
 381
 382        case BT_CONNECTED:
 383        case BT_CONFIG:
 384        case BT_CONNECT:
 385        case BT_DISCONN:
 386                sco_chan_del(sk, ECONNRESET);
 387                break;
 388
 389        default:
 390                sock_set_flag(sk, SOCK_ZAPPED);
 391                break;
 392        }
 393
 394        release_sock(sk);
 395
 396        sco_sock_kill(sk);
 397}
 398
 399static void sco_sock_init(struct sock *sk, struct sock *parent)
 400{
 401        BT_DBG("sk %p", sk);
 402
 403        if (parent)
 404                sk->sk_type = parent->sk_type;
 405}
 406
 407static struct proto sco_proto = {
 408        .name           = "SCO",
 409        .owner          = THIS_MODULE,
 410        .obj_size       = sizeof(struct sco_pinfo)
 411};
 412
 413static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int proto, gfp_t prio)
 414{
 415        struct sock *sk;
 416
 417        sk = sk_alloc(net, PF_BLUETOOTH, prio, &sco_proto);
 418        if (!sk)
 419                return NULL;
 420
 421        sock_init_data(sock, sk);
 422        INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
 423
 424        sk->sk_destruct = sco_sock_destruct;
 425        sk->sk_sndtimeo = SCO_CONN_TIMEOUT;
 426
 427        sock_reset_flag(sk, SOCK_ZAPPED);
 428
 429        sk->sk_protocol = proto;
 430        sk->sk_state    = BT_OPEN;
 431
 432        setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk);
 433
 434        bt_sock_link(&sco_sk_list, sk);
 435        return sk;
 436}
 437
 438static int sco_sock_create(struct net *net, struct socket *sock, int protocol)
 439{
 440        struct sock *sk;
 441
 442        BT_DBG("sock %p", sock);
 443
 444        sock->state = SS_UNCONNECTED;
 445
 446        if (sock->type != SOCK_SEQPACKET)
 447                return -ESOCKTNOSUPPORT;
 448
 449        sock->ops = &sco_sock_ops;
 450
 451        sk = sco_sock_alloc(net, sock, protocol, GFP_ATOMIC);
 452        if (!sk)
 453                return -ENOMEM;
 454
 455        sco_sock_init(sk, NULL);
 456        return 0;
 457}
 458
 459static int sco_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_len)
 460{
 461        struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
 462        struct sock *sk = sock->sk;
 463        bdaddr_t *src = &sa->sco_bdaddr;
 464        int err = 0;
 465
 466        BT_DBG("sk %p %s", sk, batostr(&sa->sco_bdaddr));
 467
 468        if (!addr || addr->sa_family != AF_BLUETOOTH)
 469                return -EINVAL;
 470
 471        lock_sock(sk);
 472
 473        if (sk->sk_state != BT_OPEN) {
 474                err = -EBADFD;
 475                goto done;
 476        }
 477
 478        write_lock_bh(&sco_sk_list.lock);
 479
 480        if (bacmp(src, BDADDR_ANY) && __sco_get_sock_by_addr(src)) {
 481                err = -EADDRINUSE;
 482        } else {
 483                /* Save source address */
 484                bacpy(&bt_sk(sk)->src, &sa->sco_bdaddr);
 485                sk->sk_state = BT_BOUND;
 486        }
 487
 488        write_unlock_bh(&sco_sk_list.lock);
 489
 490done:
 491        release_sock(sk);
 492        return err;
 493}
 494
 495static int sco_sock_connect(struct socket *sock, struct sockaddr *addr, int alen, int flags)
 496{
 497        struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
 498        struct sock *sk = sock->sk;
 499        int err = 0;
 500
 501
 502        BT_DBG("sk %p", sk);
 503
 504        if (addr->sa_family != AF_BLUETOOTH || alen < sizeof(struct sockaddr_sco))
 505                return -EINVAL;
 506
 507        if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND)
 508                return -EBADFD;
 509
 510        if (sk->sk_type != SOCK_SEQPACKET)
 511                return -EINVAL;
 512
 513        lock_sock(sk);
 514
 515        /* Set destination address and psm */
 516        bacpy(&bt_sk(sk)->dst, &sa->sco_bdaddr);
 517
 518        if ((err = sco_connect(sk)))
 519                goto done;
 520
 521        err = bt_sock_wait_state(sk, BT_CONNECTED,
 522                        sock_sndtimeo(sk, flags & O_NONBLOCK));
 523
 524done:
 525        release_sock(sk);
 526        return err;
 527}
 528
 529static int sco_sock_listen(struct socket *sock, int backlog)
 530{
 531        struct sock *sk = sock->sk;
 532        int err = 0;
 533
 534        BT_DBG("sk %p backlog %d", sk, backlog);
 535
 536        lock_sock(sk);
 537
 538        if (sk->sk_state != BT_BOUND || sock->type != SOCK_SEQPACKET) {
 539                err = -EBADFD;
 540                goto done;
 541        }
 542
 543        sk->sk_max_ack_backlog = backlog;
 544        sk->sk_ack_backlog = 0;
 545        sk->sk_state = BT_LISTEN;
 546
 547done:
 548        release_sock(sk);
 549        return err;
 550}
 551
 552static int sco_sock_accept(struct socket *sock, struct socket *newsock, int flags)
 553{
 554        DECLARE_WAITQUEUE(wait, current);
 555        struct sock *sk = sock->sk, *ch;
 556        long timeo;
 557        int err = 0;
 558
 559        lock_sock(sk);
 560
 561        if (sk->sk_state != BT_LISTEN) {
 562                err = -EBADFD;
 563                goto done;
 564        }
 565
 566        timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
 567
 568        BT_DBG("sk %p timeo %ld", sk, timeo);
 569
 570        /* Wait for an incoming connection. (wake-one). */
 571        add_wait_queue_exclusive(sk->sk_sleep, &wait);
 572        while (!(ch = bt_accept_dequeue(sk, newsock))) {
 573                set_current_state(TASK_INTERRUPTIBLE);
 574                if (!timeo) {
 575                        err = -EAGAIN;
 576                        break;
 577                }
 578
 579                release_sock(sk);
 580                timeo = schedule_timeout(timeo);
 581                lock_sock(sk);
 582
 583                if (sk->sk_state != BT_LISTEN) {
 584                        err = -EBADFD;
 585                        break;
 586                }
 587
 588                if (signal_pending(current)) {
 589                        err = sock_intr_errno(timeo);
 590                        break;
 591                }
 592        }
 593        set_current_state(TASK_RUNNING);
 594        remove_wait_queue(sk->sk_sleep, &wait);
 595
 596        if (err)
 597                goto done;
 598
 599        newsock->state = SS_CONNECTED;
 600
 601        BT_DBG("new socket %p", ch);
 602
 603done:
 604        release_sock(sk);
 605        return err;
 606}
 607
 608static int sco_sock_getname(struct socket *sock, struct sockaddr *addr, int *len, int peer)
 609{
 610        struct sockaddr_sco *sa = (struct sockaddr_sco *) addr;
 611        struct sock *sk = sock->sk;
 612
 613        BT_DBG("sock %p, sk %p", sock, sk);
 614
 615        addr->sa_family = AF_BLUETOOTH;
 616        *len = sizeof(struct sockaddr_sco);
 617
 618        if (peer)
 619                bacpy(&sa->sco_bdaddr, &bt_sk(sk)->dst);
 620        else
 621                bacpy(&sa->sco_bdaddr, &bt_sk(sk)->src);
 622
 623        return 0;
 624}
 625
 626static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
 627                            struct msghdr *msg, size_t len)
 628{
 629        struct sock *sk = sock->sk;
 630        int err = 0;
 631
 632        BT_DBG("sock %p, sk %p", sock, sk);
 633
 634        err = sock_error(sk);
 635        if (err)
 636                return err;
 637
 638        if (msg->msg_flags & MSG_OOB)
 639                return -EOPNOTSUPP;
 640
 641        lock_sock(sk);
 642
 643        if (sk->sk_state == BT_CONNECTED)
 644                err = sco_send_frame(sk, msg, len);
 645        else
 646                err = -ENOTCONN;
 647
 648        release_sock(sk);
 649        return err;
 650}
 651
 652static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
 653{
 654        struct sock *sk = sock->sk;
 655        int err = 0;
 656
 657        BT_DBG("sk %p", sk);
 658
 659        lock_sock(sk);
 660
 661        switch (optname) {
 662        default:
 663                err = -ENOPROTOOPT;
 664                break;
 665        }
 666
 667        release_sock(sk);
 668        return err;
 669}
 670
 671static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
 672{
 673        struct sock *sk = sock->sk;
 674        struct sco_options opts;
 675        struct sco_conninfo cinfo;
 676        int len, err = 0;
 677
 678        BT_DBG("sk %p", sk);
 679
 680        if (get_user(len, optlen))
 681                return -EFAULT;
 682
 683        lock_sock(sk);
 684
 685        switch (optname) {
 686        case SCO_OPTIONS:
 687                if (sk->sk_state != BT_CONNECTED) {
 688                        err = -ENOTCONN;
 689                        break;
 690                }
 691
 692                opts.mtu = sco_pi(sk)->conn->mtu;
 693
 694                BT_DBG("mtu %d", opts.mtu);
 695
 696                len = min_t(unsigned int, len, sizeof(opts));
 697                if (copy_to_user(optval, (char *)&opts, len))
 698                        err = -EFAULT;
 699
 700                break;
 701
 702        case SCO_CONNINFO:
 703                if (sk->sk_state != BT_CONNECTED) {
 704                        err = -ENOTCONN;
 705                        break;
 706                }
 707
 708                cinfo.hci_handle = sco_pi(sk)->conn->hcon->handle;
 709                memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon->dev_class, 3);
 710
 711                len = min_t(unsigned int, len, sizeof(cinfo));
 712                if (copy_to_user(optval, (char *)&cinfo, len))
 713                        err = -EFAULT;
 714
 715                break;
 716
 717        default:
 718                err = -ENOPROTOOPT;
 719                break;
 720        }
 721
 722        release_sock(sk);
 723        return err;
 724}
 725
 726static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
 727{
 728        struct sock *sk = sock->sk;
 729        int len, err = 0;
 730
 731        BT_DBG("sk %p", sk);
 732
 733        if (level == SOL_SCO)
 734                return sco_sock_getsockopt_old(sock, optname, optval, optlen);
 735
 736        if (get_user(len, optlen))
 737                return -EFAULT;
 738
 739        lock_sock(sk);
 740
 741        switch (optname) {
 742        default:
 743                err = -ENOPROTOOPT;
 744                break;
 745        }
 746
 747        release_sock(sk);
 748        return err;
 749}
 750
 751static int sco_sock_release(struct socket *sock)
 752{
 753        struct sock *sk = sock->sk;
 754        int err = 0;
 755
 756        BT_DBG("sock %p, sk %p", sock, sk);
 757
 758        if (!sk)
 759                return 0;
 760
 761        sco_sock_close(sk);
 762
 763        if (sock_flag(sk, SOCK_LINGER) && sk->sk_lingertime) {
 764                lock_sock(sk);
 765                err = bt_sock_wait_state(sk, BT_CLOSED, sk->sk_lingertime);
 766                release_sock(sk);
 767        }
 768
 769        sock_orphan(sk);
 770        sco_sock_kill(sk);
 771        return err;
 772}
 773
 774static void __sco_chan_add(struct sco_conn *conn, struct sock *sk, struct sock *parent)
 775{
 776        BT_DBG("conn %p", conn);
 777
 778        sco_pi(sk)->conn = conn;
 779        conn->sk = sk;
 780
 781        if (parent)
 782                bt_accept_enqueue(parent, sk);
 783}
 784
 785/* Delete channel.
 786 * Must be called on the locked socket. */
 787static void sco_chan_del(struct sock *sk, int err)
 788{
 789        struct sco_conn *conn;
 790
 791        conn = sco_pi(sk)->conn;
 792
 793        BT_DBG("sk %p, conn %p, err %d", sk, conn, err);
 794
 795        if (conn) {
 796                sco_conn_lock(conn);
 797                conn->sk = NULL;
 798                sco_pi(sk)->conn = NULL;
 799                sco_conn_unlock(conn);
 800                hci_conn_put(conn->hcon);
 801        }
 802
 803        sk->sk_state = BT_CLOSED;
 804        sk->sk_err   = err;
 805        sk->sk_state_change(sk);
 806
 807        sock_set_flag(sk, SOCK_ZAPPED);
 808}
 809
 810static void sco_conn_ready(struct sco_conn *conn)
 811{
 812        struct sock *parent, *sk;
 813
 814        BT_DBG("conn %p", conn);
 815
 816        sco_conn_lock(conn);
 817
 818        if ((sk = conn->sk)) {
 819                sco_sock_clear_timer(sk);
 820                bh_lock_sock(sk);
 821                sk->sk_state = BT_CONNECTED;
 822                sk->sk_state_change(sk);
 823                bh_unlock_sock(sk);
 824        } else {
 825                parent = sco_get_sock_listen(conn->src);
 826                if (!parent)
 827                        goto done;
 828
 829                bh_lock_sock(parent);
 830
 831                sk = sco_sock_alloc(sock_net(parent), NULL, BTPROTO_SCO, GFP_ATOMIC);
 832                if (!sk) {
 833                        bh_unlock_sock(parent);
 834                        goto done;
 835                }
 836
 837                sco_sock_init(sk, parent);
 838
 839                bacpy(&bt_sk(sk)->src, conn->src);
 840                bacpy(&bt_sk(sk)->dst, conn->dst);
 841
 842                hci_conn_hold(conn->hcon);
 843                __sco_chan_add(conn, sk, parent);
 844
 845                sk->sk_state = BT_CONNECTED;
 846
 847                /* Wake up parent */
 848                parent->sk_data_ready(parent, 1);
 849
 850                bh_unlock_sock(parent);
 851        }
 852
 853done:
 854        sco_conn_unlock(conn);
 855}
 856
 857/* ----- SCO interface with lower layer (HCI) ----- */
 858static int sco_connect_ind(struct hci_dev *hdev, bdaddr_t *bdaddr, __u8 type)
 859{
 860        register struct sock *sk;
 861        struct hlist_node *node;
 862        int lm = 0;
 863
 864        if (type != SCO_LINK && type != ESCO_LINK)
 865                return 0;
 866
 867        BT_DBG("hdev %s, bdaddr %s", hdev->name, batostr(bdaddr));
 868
 869        /* Find listening sockets */
 870        read_lock(&sco_sk_list.lock);
 871        sk_for_each(sk, node, &sco_sk_list.head) {
 872                if (sk->sk_state != BT_LISTEN)
 873                        continue;
 874
 875                if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr) ||
 876                                !bacmp(&bt_sk(sk)->src, BDADDR_ANY)) {
 877                        lm |= HCI_LM_ACCEPT;
 878                        break;
 879                }
 880        }
 881        read_unlock(&sco_sk_list.lock);
 882
 883        return lm;
 884}
 885
 886static int sco_connect_cfm(struct hci_conn *hcon, __u8 status)
 887{
 888        BT_DBG("hcon %p bdaddr %s status %d", hcon, batostr(&hcon->dst), status);
 889
 890        if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK)
 891                return 0;
 892
 893        if (!status) {
 894                struct sco_conn *conn;
 895
 896                conn = sco_conn_add(hcon, status);
 897                if (conn)
 898                        sco_conn_ready(conn);
 899        } else
 900                sco_conn_del(hcon, bt_err(status));
 901
 902        return 0;
 903}
 904
 905static int sco_disconn_cfm(struct hci_conn *hcon, __u8 reason)
 906{
 907        BT_DBG("hcon %p reason %d", hcon, reason);
 908
 909        if (hcon->type != SCO_LINK && hcon->type != ESCO_LINK)
 910                return 0;
 911
 912        sco_conn_del(hcon, bt_err(reason));
 913
 914        return 0;
 915}
 916
 917static int sco_recv_scodata(struct hci_conn *hcon, struct sk_buff *skb)
 918{
 919        struct sco_conn *conn = hcon->sco_data;
 920
 921        if (!conn)
 922                goto drop;
 923
 924        BT_DBG("conn %p len %d", conn, skb->len);
 925
 926        if (skb->len) {
 927                sco_recv_frame(conn, skb);
 928                return 0;
 929        }
 930
 931drop:
 932        kfree_skb(skb);
 933        return 0;
 934}
 935
 936static ssize_t sco_sysfs_show(struct class *dev, char *buf)
 937{
 938        struct sock *sk;
 939        struct hlist_node *node;
 940        char *str = buf;
 941
 942        read_lock_bh(&sco_sk_list.lock);
 943
 944        sk_for_each(sk, node, &sco_sk_list.head) {
 945                str += sprintf(str, "%s %s %d\n",
 946                                batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
 947                                sk->sk_state);
 948        }
 949
 950        read_unlock_bh(&sco_sk_list.lock);
 951
 952        return (str - buf);
 953}
 954
 955static CLASS_ATTR(sco, S_IRUGO, sco_sysfs_show, NULL);
 956
 957static const struct proto_ops sco_sock_ops = {
 958        .family         = PF_BLUETOOTH,
 959        .owner          = THIS_MODULE,
 960        .release        = sco_sock_release,
 961        .bind           = sco_sock_bind,
 962        .connect        = sco_sock_connect,
 963        .listen         = sco_sock_listen,
 964        .accept         = sco_sock_accept,
 965        .getname        = sco_sock_getname,
 966        .sendmsg        = sco_sock_sendmsg,
 967        .recvmsg        = bt_sock_recvmsg,
 968        .poll           = bt_sock_poll,
 969        .ioctl          = bt_sock_ioctl,
 970        .mmap           = sock_no_mmap,
 971        .socketpair     = sock_no_socketpair,
 972        .shutdown       = sock_no_shutdown,
 973        .setsockopt     = sco_sock_setsockopt,
 974        .getsockopt     = sco_sock_getsockopt
 975};
 976
 977static struct net_proto_family sco_sock_family_ops = {
 978        .family = PF_BLUETOOTH,
 979        .owner  = THIS_MODULE,
 980        .create = sco_sock_create,
 981};
 982
 983static struct hci_proto sco_hci_proto = {
 984        .name           = "SCO",
 985        .id             = HCI_PROTO_SCO,
 986        .connect_ind    = sco_connect_ind,
 987        .connect_cfm    = sco_connect_cfm,
 988        .disconn_cfm    = sco_disconn_cfm,
 989        .recv_scodata   = sco_recv_scodata
 990};
 991
 992static int __init sco_init(void)
 993{
 994        int err;
 995
 996        err = proto_register(&sco_proto, 0);
 997        if (err < 0)
 998                return err;
 999
1000        err = bt_sock_register(BTPROTO_SCO, &sco_sock_family_ops);
1001        if (err < 0) {
1002                BT_ERR("SCO socket registration failed");
1003                goto error;
1004        }
1005
1006        err = hci_register_proto(&sco_hci_proto);
1007        if (err < 0) {
1008                BT_ERR("SCO protocol registration failed");
1009                bt_sock_unregister(BTPROTO_SCO);
1010                goto error;
1011        }
1012
1013        if (class_create_file(bt_class, &class_attr_sco) < 0)
1014                BT_ERR("Failed to create SCO info file");
1015
1016        BT_INFO("SCO (Voice Link) ver %s", VERSION);
1017        BT_INFO("SCO socket layer initialized");
1018
1019        return 0;
1020
1021error:
1022        proto_unregister(&sco_proto);
1023        return err;
1024}
1025
1026static void __exit sco_exit(void)
1027{
1028        class_remove_file(bt_class, &class_attr_sco);
1029
1030        if (bt_sock_unregister(BTPROTO_SCO) < 0)
1031                BT_ERR("SCO socket unregistration failed");
1032
1033        if (hci_unregister_proto(&sco_hci_proto) < 0)
1034                BT_ERR("SCO protocol unregistration failed");
1035
1036        proto_unregister(&sco_proto);
1037}
1038
1039module_init(sco_init);
1040module_exit(sco_exit);
1041
1042module_param(disable_esco, bool, 0644);
1043MODULE_PARM_DESC(disable_esco, "Disable eSCO connection creation");
1044
1045MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
1046MODULE_DESCRIPTION("Bluetooth SCO ver " VERSION);
1047MODULE_VERSION(VERSION);
1048MODULE_LICENSE("GPL");
1049MODULE_ALIAS("bt-proto-2");
1050